4

I have used createToken method on User model to create personal access token. Now I want to refresh that token in code without http request to oauth/token/refresh. How could I do that?

Ali Farhoudi
  • 5,350
  • 7
  • 26
  • 44
  • 1
    This could help? https://github.com/laravel/passport/issues/71 – Ben Dubuisson Feb 12 '18 at 21:41
  • 1
    Thanks @BenDubuisson. It was helpful. But I couldn't do my final target: Refresh existing access token. I will try to do that again with new information on that thread. – Ali Farhoudi Feb 13 '18 at 07:02
  • My suggestion would be to read the source code of laravel passport and understand how it works. – Ben Dubuisson Feb 13 '18 at 08:24
  • 1
    Can you confirm you are talking about Laravel passport please? – Ben Dubuisson Feb 13 '18 at 21:29
  • When you say without http request, you also mean without using Guzzle? otherwise: https://stackoverflow.com/questions/45851673/laravel-passport-password-grant-refresh-token – Ben Dubuisson Feb 13 '18 at 21:44
  • Yes, absolutely. I'm using laravel passport package. I have tried to read the source code. It was not so easy to pick just some of the code to use for generating and refreshing tokens. Now i'm trying to use the link you sent. – Ali Farhoudi Feb 14 '18 at 05:33
  • Yes I also mean without guzzle client. Currently i'm using this method, but that's not a good way. (Even apache logs these requests named "dummy internal request") – Ali Farhoudi Feb 14 '18 at 05:34
  • @BenDubuisson ```Route::dispatch``` is a nice method. Take a look at this: https://stackoverflow.com/questions/44172818/registering-user-with-laravel-passport – Ali Farhoudi Feb 14 '18 at 09:47
  • salam ali jaan!! ahmad mobaraki hastam, kheili mokhlesim. che donyaye koochikie ;D :D yaade yarima be kheir :) please send me your phone so I can call you :) ahmadmobaraki65@gmail.com Agha in moshkele manam hast, raahi peyda kardi ya na?? My problem: I want to create a password less auth system with laravel passport, so I can not use password grant tokens and It should be done with personal access tokens, but it seems laravel passport only have api fot creating access tokens not refresh :( I have seen BenDubuisson suggested link but is there a better way? – Ahmad Mobaraki Apr 26 '20 at 21:24
  • @AhmadMobaraki salam ahmad jan. eradatmand. Yes, you can implement any custom grant type you want and implement your custom authetication method. This is the same way laravel socialite is using for social networks login. – Ali Farhoudi Apr 27 '20 at 02:38

1 Answers1

5

How often are you trying to refresh personal access tokens? You should just recreate one, if/when needed. They are by default long lived so the expiry is quite long, one year if I recall correctly.

Personal access tokens are always long-lived. Their lifetime is not modified when using the tokensExpireIn or refreshTokensExpireIn methods.

  • Thanks @btl. For some security reasons, I have shortened access tokens lifetime. – Ali Farhoudi Feb 13 '18 at 05:44
  • @AliFarhoudi How did you reduced the tokens lifetime? – VishalParkash May 11 '20 at 14:05
  • 1
    @VishalParkash, you can add `Passport::personalAccessTokensExpireIn(now()->addMonths(6));` to `AuthServiceProvider::boot` method. See the docs [here](https://laravel.com/docs/7.x/passport#token-lifetimes) – Wesley Gonçalves Aug 04 '20 at 18:46
  • 1
    You can add these lines to boot method of AuthServiceProvider.php. `$server = $this->app->make(\League\OAuth2\Server\AuthorizationServer::class); $server->enableGrantType(new \Laravel\Passport\Bridge\PersonalAccessGrant(), new \DateInterval('P30D'));` for example it makes it 30 days long. @VishalParkash – Aarony Feb 08 '22 at 14:05